On Thu, 2004-04-15 at 14:35, Matt wrote:
> hi, i'm new to bering-uclibc and shorewall (but have used lrp and
> dachstein).
>
> I'm getting hundreds of icmp "hits" showing up in the shorewall log
> between my bering box and one of my local machines. here's an example:
>
> Jan 1 00:00:00 unity Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=
> SRC=192.168.1.1 DST=192.168.1.5 LEN=83 TOS=00 PREC=0x00 TTL=64 ID=29297
> PROTO=ICMP TYPE=3 CODE=0
>
> eth0 is my lan interface (192.168.1.1), and ppp0 is the net interface (dialup). I
> think that a solution would be to add the following line to the
> shorewall policy, but i have some questions on it...
> fw loc ACCEPT
>
> this seems like a very "normal" thing to do, so why is it not set in the
> default config? are there any reasons to not accept these connections
> (other than local attacks on the firewall)?
>
> thanks,
> -matt

in a few hours (and a lot of comparing log entries to network activity) I was able to determine that dhcp requests were causing the problem. dhcp was actually working (client machines were being assigned addresses, albeit not very gracefully) but the dhcp discover, offer, ack, etc. process wasn't able to complete due to shorewall blocking something.... setting the dhcp option for eth0 in the shorewall interface file fixed it.

Tom, i do not have 'norfc1918' set for my ppp interface. i'll read up on rfc1918 tomorrow, but do you know from experience if this should be set?

thanks all,
-matt

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
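
An added example, not part of the thread and not Shorewall's own code: a small Python summariser for Shorewall log lines like the one quoted above, which collapses hundreds of hits into a few flows so they can be compared against network activity. The function names and the sample lines are constructed for illustration; the UDP entry in particular is made up.

```python
import re
from collections import Counter

# Shorewall's log prefix is "Shorewall:<chain>:<disposition>:", followed by
# netfilter's KEY=value fields (keys such as IN= and MAC= may be empty).
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disp>[A-Z]+):")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

# Constructed sample: the entry quoted in the thread (twice, with a changed ID)
# plus one made-up UDP hit. None of this is captured traffic.
_HDR = "Jan 1 00:00:00 unity Shorewall:all2all:REJECT: "
_ICMP = "IN= OUT=eth0 MAC= SRC=192.168.1.1 DST=192.168.1.5 LEN=83 TOS=00 PREC=0x00 TTL=64 "
SAMPLE = [
    _HDR + _ICMP + "ID=29297 PROTO=ICMP TYPE=3 CODE=0",
    _HDR + _ICMP + "ID=29298 PROTO=ICMP TYPE=3 CODE=0",
    _HDR + "IN=eth0 OUT= MAC= SRC=192.168.1.5 DST=192.168.1.1 LEN=328 "
           "TOS=00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308",
]

def parse(line):
    """Return a dict of chain, disposition and packet fields, or None."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "disp": m["disp"]}
    for key, value in FIELD.findall(line[m.end():]):
        rec.setdefault(key, value)  # first occurrence wins (e.g. IP LEN over UDP LEN)
    return rec

def flow_key(rec):
    """Collapse a record to the fields that identify the traffic."""
    if rec.get("PROTO") == "ICMP":
        detail = "type=%s code=%s" % (rec.get("TYPE", "?"), rec.get("CODE", "?"))
    else:
        detail = "dpt=%s" % rec.get("DPT", "?")
    return (rec["chain"], rec["disp"], rec.get("IN") or "-", rec.get("OUT") or "-",
            rec.get("SRC", "?"), rec.get("DST", "?"), rec.get("PROTO", "?"), detail)

def summarize(lines):
    """Count log hits per flow, most frequent first."""
    counts = Counter()
    for line in lines:
        rec = parse(line)
        if rec:
            counts[flow_key(rec)] += 1
    return counts.most_common()

if __name__ == "__main__":
    for key, n in summarize(SAMPLE):
        print(n, *key)
```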
